Total CVEs: 142,027
Critical Severity: 3,943
High Severity: 14,108
Last 7 Days: 1,724
Showing Year: 2026 (January 1 - December 31, 2026)
Showing 15,641 - 15,660 of 38,432 CVEs
CVE-2026-25863 HIGH - 7.5

Conditional Fields for Contact Form 7 WordPress plugin through version 2.6.7 contains an uncontrolled resource consumption vulnerability in the Wpcf7cfMailParser class where the hide_hidden_mail_fields_regex_callback() method reads an iteration count directly from user-supplied POST parameters witho...

Vendor: Jules Colle
Product: Conditional Fields for Contact Form 7
Published: May 04, 2026
Source: NVD

Incus is a system container and virtual machine manager. In versions before 7.0.0, broken TLS validation logic in the OVN database connection logic can allow connections to an attacker's OVN database. The OVN client implementations disable Go standard TLS server verification and replace it with...

Vendor: go
Product: github.com/lxc/incus/v6/cmd/incusd
Published: May 04, 2026
Source: GitHub
CVE-2026-43616 HIGH - 7.1

Detect-It-Easy prior to 3.21 contains a path traversal vulnerability that allows attackers to write arbitrary files to the filesystem by crafting malicious archive entries with relative traversal sequences or absolute paths. Attackers can exploit insufficient path normalization during archive extrac...

Vendor: horsicq
Product: DIE-engine
Published: May 04, 2026
Source: NVD
CVE-2026-42796 CRITICAL - 9.8

Arelle before 2.39.10 contains an unauthenticated remote code execution vulnerability in the /rest/configure REST endpoint that accepts a plugins query parameter and forwards it to the plugin manager without authentication or authorization. Attackers can supply a URL to a malicious Python file throu...

Vendor: Arelle
Product: Arelle
Published: May 04, 2026
Source: NVD
CVE-2026-42146 MEDIUM - 5.5

CImg Library is a C++ library for image processing. Prior to commit c3aacf5, the nb_colors field read from the BMP file header is used directly to compute an allocation size without validating it against the remaining file size. A crafted BMP file with a large nb_colors value triggers an out-of-memo...

Vendor: GreycLab
Product: CImg
Published: May 04, 2026
Source: NVD
CVE-2026-42144 MEDIUM - 6.1

CImg Library is a C++ library for image processing. Prior to commit 4ca26bc, there is an integer overflow vulnerability in the W*H*D size computation inside _load_pnm() that can bypass the memory allocation guard. A crafted PNM/PGM/PPM file with large dimension values causes the overflow to wrap aro...

Vendor: GreycLab
Product: CImg
Published: May 04, 2026
Source: NVD
CVE-2026-42140 MEDIUM - 4.4

PlantUML Macro is a macro for rendering UML diagrams from simple textual schemes. Prior to version 2.4.1, the PlantUML Macro is vulnerable to Server-Side Request Forgery (SSRF). The macro allows users to specify an alternative PlantUML server via the server parameter. However, the application does n...

Vendor: xwiki-contrib
Product: macro-plantuml
Published: May 04, 2026
Source: NVD
CVE-2026-42138 MEDIUM - 6.1

Dify is an open-source LLM app development platform. Prior to version 1.13.1, using the method POST /api/files/upload, any unauthenticated user can upload an SVG file with XSS. The method POST /v1/files/upload, which requires authentication through the application API, is also vulnerable. This issue...

Vendor: langgenius
Product: dify
Published: May 04, 2026
Source: NVD
CVE-2026-42092 MEDIUM - 6.5

titra is an open source time tracking project. In version 0.99.52, the globalsettings Meteor publication returns all global settings without any admin or role check. Any authenticated user can subscribe via DDP and receive sensitive configuration fields such as google_secret, openai_apikey, and goog...

Vendor: titraio
Product: titra
Published: May 04, 2026
Source: NVD
CVE-2026-42091 MEDIUM - 6.5

goshs is a SimpleHTTPServer written in Go. Prior to version 2.0.2, the PUT upload handler (httpserver/updown.go) lacks the CSRF token validation that was added to the POST upload handler during the CVE-2026-40883 fix. Combined with the unconditional Access-Control-Allow-Origin: * on the OPTIONS pref...

Vendor: patrickhener
Product: goshs
Published: May 04, 2026
Source: NVD
CVE-2026-42088 CRITICAL - 9.6

OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. Prior to version 7.0.0-rc3, the Script Runner widget allows users to execute Python and Ruby scripts directly from the openc3-COSMOS-script-runner-api container. Because all the do...

Vendor: OpenC3
Product: cosmos
Published: May 04, 2026
Source: NVD
CVE-2026-42087 CRITICAL - 9.6

OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. From version 6.7.0 to before version 7.0.0-rc3, a SQL injection vulnerability exists in the Time-Series Database (TSDB) component of COSMOS. The tsdb_lookup function in the cvt_mod...

Vendor: OpenC3
Product: cosmos
Published: May 04, 2026
Source: NVD
CVE-2026-42086 MEDIUM - 4.6

OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. Prior to version 7.0.0, the Command Sender UI uses an unsafe eval() function on array-like command parameters, which allows a user-supplied payload to execute in the browser when s...

Vendor: OpenC3
Product: cosmos
Published: May 04, 2026
Source: NVD
CVE-2026-42085 MEDIUM - 4.3

OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. Prior to versions 6.10.5 and 7.0.0-rc3, OpenC3 COSMOS contains a design flaw in the save_tool_config() function that allows saving tool configuration files at arbitrary locations i...

Vendor: OpenC3
Product: cosmos
Published: May 04, 2026
Source: NVD
CVE-2026-42084 HIGH - 8.1

OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. Prior to versions 6.10.5 and 7.0.0-rc3, the OpenC3 password change functionality allows a user to change their password without providing the old password, by accepting a valid ses...

Vendor: OpenC3
Product: cosmos
Published: May 04, 2026
Source: NVD
CVE-2026-41471 HIGH - 7.5

Easy PayPal Events & Tickets plugin for WordPress versions 1.3 and earlier contain an information disclosure vulnerability in the QR code scanning endpoint that allows unauthenticated attackers to enumerate and retrieve all customer order records. Attackers can iterate over sequential WordPress ...

Vendor: Scott Paterson
Product: easy-paypal-events-tickets
Published: May 04, 2026
Source: NVD
CVE-2026-37459 HIGH - 7.5

An integer underflow in FRRouting (FRR) stable/10.0 to stable/10.6 allows attackers to cause a Denial of Service (DoS) via supplying a crafted BGP UPDATE message.

Published: May 04, 2026
Source: NVD
CVE-2026-32834 HIGH - 7.5

Easy PayPal Events & Tickets plugin for WordPress versions 1.3 and earlier contain a hardcoded authentication bypass vulnerability in the QR code scanning functionality that allows unauthenticated remote attackers to bypass hash verification by supplying 'test' as the hash parameter. At...

Vendor: Scott Paterson
Product: easy-paypal-events-tickets
Published: May 04, 2026
Source: NVD

Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have been removed to prevent accidental usage.

Published: May 04, 2026
Source: NVD
CVE-2026-29004 HIGH - 8.1

BusyBox before commit 42202bf contains a heap buffer overflow vulnerability in the DHCPv6 client (udhcpc6) DNS_SERVERS option handler in networking/udhcp/d6_dhcpc.c that allows network-adjacent attackers to trigger memory corruption by sending a crafted DHCPv6 response with a malformed D6_OPT_DNS_SE...

Vendor: vda-linux
Product: busybox_mirror
Published: May 04, 2026
Source: NVD